Cybercriminals are increasingly using spear-phishing emails to get users to click malicious links or to open malicious file attachments, laterally moving across target networks, maintaining persistent access to breached networks, and using other techniques more typical of threat actors. While the concept of using...
Both Microsoft and Apple this week released patches to address the so-called "Freak" flaw in SSL/TLS. Microsoft also released a fix that addresses a failed 2010 patch for a vulnerability that was exploited by the Stuxnet malware.
During her first month on the job, former Secretary of State Hillary Clinton used a private email server that lacked a digital certificate that would have ensured encrypted and authenticated email communications, surmises security firm Venafi.
When IT veteran Branden Spikes founded his own company devoted to isolating browsers from attacks, he thought building the technology would be the top challenge. The venture capital community proved him wrong.
With the introduction of sophisticated threats such as advanced phishing and malware, authentication can become less effective. Authentication methods can be bypassed by fraudsters and traditional risk-based authentication solutions can cause many users to be unnecessarily challenged and disrupted, yet do not manage...
Mobile banking continues to gain momentum, growing faster than any other delivery channel to date. Many financial institutions want to expand capabilities in the mobile channel, but are concerned about security. Given the evolving threats, mobile innovation has outpaced the industry's appetite for deploying new...
Cybercriminals are stepping up their attacks on financial institutions by gaining control of customer devices with highly advanced man-in-the-browser (MitB) malware and spear phishing attacks. They then conduct real-time credential theft and take over accounts. The main reason for cybercriminals' continued success is...
The malware industry supplies all the components cybercriminals need to easily perpetrate malware-driven financial fraud and data theft. In today's virtual world, the
scope of organizations vulnerable to malware-driven cybercrime is quite broad. In addition to banks and credit unions that are subject to online...
With the rise of mobile usage and increased mobile banking functionality, cybercriminals are targeting the mobile channel with advanced malware, cross channel attacks across online and mobile and social engineering that have typically been seen on the PC.
Read this white paper to learn more about the emerging...
The primary approaches used to fight advanced threats over the past several years simply aren't effective. Traditional methods such as user education, vulnerability patching, and malware detection have failed to protect enterprises against the current threat landscape. Attackers continuously develop sophisticated...
Corporate credentials. They're the keys to your enterprise and more than likely you've taken many steps to protect them. However, what many CISOs and security managers are finding is that traditional approaches to preventing credentials theft from implementing stringent identity management policies to deploying...
In a world where a week rarely goes by without reports of at least one serious cyber attack against a major organization, it's important to ask; What's happening across the threat landscape? What kinds of attacks are being launched? How many of those attacks result in incidents requiring investigation?
Download...
Around the world, employees increasingly use their own mobile devices in the workplace, often accessing corporate applications after-hours and off-site. In fact, a recent survey found that 86 percent of organizations either allow or plan to allow the use of employee-owned devices for work functions. Within these...
The advent of cloud computing is beginning to transform the way companies engage with customers, partners, and suppliers to increase flexibility and streamline operations. Cloud computing makes it much easier for the organization to implement new business services and to create new revenue opportunities much faster....
Adhering to the Payment Card Industry Data Security Standard (PCI DSS) is one way that organizations attempt to protect their customers' sensitive payment card data from attack. However, PCI DSS compliance provides only a baseline for securing cardholder data. In this age of mobile, social and cloud computing,...
Our website uses cookies. Cookies enable us to provide the best experience possible and help us understand how visitors use our website. By browsing bankinfosecurity.co.uk, you agree to our use of cookies.